Original Reddit post

I’m trying to sanity check something around AI coding agents.

The more I use agents on real repos, the trust issue is often not “did the code compile?” It is “did the agent stay inside the job I gave it?” A small task turns into touching unrelated files, fixing nearby build errors, changing config, adding dependencies, or rewriting something because it found a new problem while working.

One possible approach is pretty narrow: before the agent starts, define an approved file mask/scope. If it needs more access, it has to ask. Then CI checks the final PR diff against that approved scope and blocks anything outside it unless there was an approved amendment.

My question is: is this actually a painful enough problem in real AI coding workflows, or is it too small and likely to just become a built-in feature of Claude Code/Codex/Cursor/GitHub?

If you’re using coding agents on real repo work, would you install something that blocks out-of-scope agent changes, or do your current hooks/CI/review process already cover this well enough?

Originally posted by u/Few-Ad-1358 on r/ClaudeCode
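
The CI check described in the post (final PR diff compared against an approved file scope, with approved amendments) could look like the following. This is an added example, not part of the original post; the function names, the glob semantics (`**` crosses directories, `*` does not) and the sample diff are assumptions made for illustration.

```python
import re
from pathlib import PurePosixPath

def glob_to_regex(pattern):
    """Translate a scope glob: '**' crosses directories, '*' and '?' do not."""
    out, i = [], 0
    while i < len(pattern):
        if pattern.startswith("**/", i):
            out.append("(?:.*/)?"); i += 3
        elif pattern.startswith("**", i):
            out.append(".*"); i += 2
        elif pattern[i] == "*":
            out.append("[^/]*"); i += 1
        elif pattern[i] == "?":
            out.append("[^/]"); i += 1
        else:
            out.append(re.escape(pattern[i])); i += 1
    return re.compile("".join(out) + r"\Z")

def changed_paths(name_status):
    """Yield every path in `git diff --name-status` output.
    Renames and copies list two paths; both have to be in scope."""
    for line in name_status.splitlines():
        if line.strip():
            _status, *paths = line.split("\t")
            yield from paths

def out_of_scope(name_status, scope, amendments=()):
    """Return changed paths not covered by the approved scope or amendments."""
    allowed = [glob_to_regex(p) for p in (*scope, *amendments)]
    violations = []
    for path in changed_paths(name_status):
        # Absolute paths and '..' segments never count as in scope.
        escapes = path.startswith("/") or ".." in PurePosixPath(path).parts
        if escapes or not any(rx.match(path) for rx in allowed):
            violations.append(path)
    return violations

# Constructed sample: scope approved before the agent started, and the
# name-status listing of the PR it produced (not real project data).
SCOPE = ["src/auth/**", "tests/auth/*.py"]
DIFF = ("M\tsrc/auth/session.py\nA\ttests/auth/test_session.py\n"
        "M\t.github/workflows/ci.yml\nM\tpyproject.toml\n"
        "R100\tsrc/auth/util.py\tsrc/common/util.py\n")

if __name__ == "__main__":
    bad = out_of_scope(DIFF, SCOPE)
    for path in bad:
        print(f"out of scope: {path}")
    raise SystemExit(1 if bad else 0)  # non-zero exit fails the CI job
```

In a pipeline the listing would come from `git diff --name-status` between the merge base and the PR head; using `-z` output avoids git's quoting of unusual file names, at the cost of a different parser than the tab-split one here.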